Re: Application Control configuration

The problem with *mail.google.com* is that "fakemail.google.com.badsite.com" matches. Why not jsut have a rule that if the url matches "https://accounts.google.com/*" and Header.Request.Get(Referer) matches https://mail.google.com/*If this fires before the block for accounts.google.com, then everything should work fine

Would that work? (As a reminder I am trying to allow a specific Gmail AD Group to access Gmail and block it as a Webmail Category for everyone else)

Any requirement now to make any reference to accounts.google.com?

Also when I select the Header.Request.Get property, there is a drop-down box at the bottom right that says 'parameters'. I have the option of putting a parameter value there. Do I need to do that? I've already specified the mail.google.com URL in the criteria section of this rule. I am confused as to what value this parameter requires. Please can you advise?

Re: Application Control configuration

I tried configuring gmail as outlined using the referrer header and it didn't work - my test user in the gmail AD group was then blocked. I will try and upload a picture to illustrate what I configured as I probably did it wrong!

I notice there were property parameter options for the Header Name but I left it blank:

Should I have put something in here?

This is what I originally had configured which worked but required a custom category that included accounts.google.com:

Re: Application Control configuration

Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.